Paul's Security Weekly Episode #663 - August 20, 2020
Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe
1. Interview - Advanced Actionable Threat Intelligence - 06:00 PM-06:45 PM
- With all the recent changes to BlackHat and DefCon, we realized we can keep doing what we do best - host virtual podcasts! I’m proud to announce Hacker Summer Camp 2020, a Security Weekly Virtual, Live-Stream Event, August 3 - August 6, 2020. To reserve your slot now, visit: securityweekly.com/summercamp2020
Many organizations collect bits of data we call threat intelligence: IoCs and TTPs. You should do this; however, you can benefit from going deeper, collecting intel earlier in the cycle, and understanding your adversaries' motives, methods, and how they use their tools.
Jeff Bardin is the Chief Intelligence Officer for Treadstone 71 with clients on 4 continents. In 2007, Jeff received the RSA Conference award for Excellence in the Field of Security Practices. His team also won the 2007 SC Magazine Award – Best Security Team. Jeff sits or has sat on the Board of Boston InfraGard, Content Raven, Journal of Law and Cyber Warfare, and Wisegate and was a founding member of the Cloud Security Alliance. Jeff served in the USAF as a cryptologic linguist and in the US Army / US Army National Guard as an armor officer and armored scout platoon leader. Mr. Bardin has extensive experience in cyber intelligence lifecycle services, program builds, targeted research and support, cyber counterintelligence services and analysis, deception planning, and cyber operations.
- Doug White - Professor at Roger Williams University
- Jeff Man - Sr. InfoSec Consultant at Online Business Systems
- Joff Thyer - Security Analyst at Black Hills Information Security
- Larry Pesce - Senior Managing Consultant and Director of Research at InGuardians
- Lee Neely - Senior Cyber Analyst at Lawrence Livermore National Laboratory
- Tyler Robinson - Managing Director of Network Operations at Nisos, Inc
2. Interview - Qualys - 07:00 PM
3. News - Security News - 08:00 PM
Paul Asadoorian's Content:
- Xcode becomes vector for new Mac malware attack
- Tesla is finally fixing this major security flaw
- InfoSec Handlers Diary Blog - ISC Blocked
- InfoSec Handlers Diary Blog - Using API's to Track Attackers - Turns out attackers are also bad at key management!
- Critical Jenkins Server Vulnerability Could Leak Sensitive Information
- Are CSRF Tokens Necessary?
- Secret Service reportedly paid to access phone location data
- Telehealth is the future of healthcare, but how secure is it? - Help Net Security - But, but, none of these articles about the security of Telehealth tell us anything interesting or useful: “However, the first step is to assess how the data is encrypted and who is authorized to access this data. From there, IT teams should work closely with leadership to fill in the security gaps on telehealth solutions that protect patients while also providing the convenience.”
- New Microsoft Defender ATP Capability Blocks Malicious Behaviors - Called “endpoint detection and response (EDR) in block mode,” the capability is meant to provide post-breach blocking of malware and other malicious behaviors, by taking advantage of Microsoft Defender ATP’s built-in machine learning models, Microsoft says.
- The Sounds a Key Make Can Produce 3D-Printed Replica
- Voice Phishers Targeting Corporate VPNs - “For a number of reasons, this kind of attack is really effective,” said Allison Nixon, chief research officer at New York-based cyber investigations firm Unit 221B. “Because of the Coronavirus, we have all these major corporations that previously had entire warehouses full of people who are now working remotely. As a result the attack surface has just exploded.”
- FritzFrog Botnet Attacks Millions of SSH Servers
- Google fixes major Gmail bug seven hours after exploit details go public
- 6 Ingenious Ways Hackers Break Into the Worlds Most Secure Computers
- CVE Turns 21: How it Made it to This Milestone
- Disrupting a power grid with cheap equipment hidden in a coffee cup - “Without touching the solar inverter, without even getting close to it, I can just place a coffee cup nearby and then leave and go anywhere in the world, from which I can destabilize the grid,” Al Faruque said. “In an extreme case, I can even create a blackout.” Solar inverters convert power collected by rooftop panels from direct to alternating current for use in homes and businesses. Often, the sustainably generated electricity will go into microgrids and main power networks. Many inverters rely on Hall sensors, devices that measure the strength of a magnetic field and are based on a technology that originated in 1879.
- Out-of-Band Update Patches Privilege Escalation Flaws in Windows 8.1, Server 2012
- CVE-2020-3446 default credentials bug exposes Cisco ENCS, CSP Appliances to hack
- IBM finds vulnerability in IoT chips present in billions of devices - As IBM notes, the role that machines with EHS8 modules fill makes this a critical security flaw. Medical devices that an attacker penetrates could be manipulated to cover up concerning vital signs, create false panic situations, overdose patients, or cut off essential life-saving functions. In the energy and utilities sector, a compromised EHS8 module could be used to manipulate smart meter readings, shut down meters to cut off power, or damage the power grid itself.